Active Directory Cookbook for Windows Server 2003 and Windows 2000-Active Directory Cookbook for Windows Server 2003 and Windows 2000

[ Team LiB ]

Recipe 15.10 Using Perfmon to Monitor AD

15.10.1 Problem

You want to use Perfmon to monitor the performance of Active Directory.

15.10.2 Solution

15.10.2.1 Using a graphical user interface

Open the Performance Monitor.
Click on System Monitor in the left pane.
Type Ctrl + I. This will bring up the page to add counters.
Under Select counters from computer, enter the name of the domain controller you want to target.
Select the NTDS performance object.
Select the counters you want to monitor.
After you done with your selections, click Close.

15.10.3 Discussion

There are several Perfmon counters that can be very valuable for monitoring and troubleshooting Active Directory. The NTDS performance object has counters for address book lookups, inbound and outbound replication, LDAP reads, writes and searches, Kerberos authentication, and the Security Account Manager (SAM).

Here is a list of some of the most useful NTDS counters. I've also included their Perfmon explanation, which you can view by clicking on the Explain button in the Add Counters dialog box.

DRA Inbound Bytes Total/sec: Shows the total number of bytes replicated in. It is the sum of the number of uncompressed bytes (never compressed) and the number of compressed bytes (after compression).
DRA Inbound Objects/sec: Shows the number of objects received from neighbors through inbound replication. A neighbor is a domain controller from which the local domain controller replicates locally.
DRA Inbound Values Total/sec: Shows the total number of object property values received from inbound replication partners. Each inbound object has one or more properties, and each property has zero or more values. Zero values indicates property removal.
DRA Outbound Bytes Total/sec: Shows the total number of bytes replicated out. It is the sum of the number of uncompressed bytes (never compressed) and the number of compressed bytes (after compression).
DRA Outbound Objects/sec: Shows the number of objects replicated out.
DRA Outbound Values Total/sec: Shows the number of object property values sent to outbound replication partners.
DRA Pending Replication Synchronizations: Shows the number of directory synchronizations that are queued for this server, but not yet processed.
DS Client Binds/sec: Shows the number of Ntdsapi.dll binds per second serviced by this DC.
DS Directory Reads/sec: Shows the number of directory reads per second.
DS Directory Searches/sec: Shows the number of directory searches per second.
DS Directory Writes/sec: Shows the number of directory writes per second.
KDC AS Requests: Shows the number of Authentication Server (AS) requests serviced by the Kerberos Key Distribution Center (KDC) per second. AS requests are used by client to obtain a ticket-granting ticket.
KDC TGS Requests: Shows the number of Ticket Granting Server (TGS) requests serviced by the KDC per second. TGS requests are used by the client to obtain a ticket to a resource.
Kerberos Authentications: Shows the number of times per second that clients use a ticket to this DC to authenticate to this DC.
LDAP Bind Time: Shows the time, in milliseconds, taken for the last successful LDAP bind.
LDAP Client Sessions: Shows the number of currently connected LDAP client sessions.
LDAP Searches: Shows the percentage of directory searches coming from LDAP.
LDAP Searches/sec: Shows the rate at which LDAP clients perform search operations.
LDAP Successful Binds: Shows the percentage of LDAP bind attempts that are successful.
LDAP Successful Binds/sec: Shows the number of LDAP binds per second.
LDAP Writes: Shows the percentage of directory writes coming from LDAP.
LDAP Writes/sec: Shows the rate at which LDAP clients perform write operations.

[ Team LiB ]